Hackers threaten to release huge amount of stolen NHS Scotland data

The criminal hacking group INC RANSOM has demanded a ransom from NHS Scotland in exchange for three terabytes of confidential information, including patient data

A criminal hacking group has claimed it has three terabytes of NHS Scotland data, which it is threatening to release after a huge cyber attack.

The group, INC RANSOM, has published its demands and a “proof pack” showing it holds the information, including patient data, on its dark web blog. It has not specified a deadline for a ransom payment to be provided.

Hide Ad
Hide Ad

It follows an attack earlier this month on NHS Dumfries and Galloway which the Scottish Government says has been contained to one NHS board. Police Scotland is continuing to investigate along with the National Cyber Security Centre.

It follows a cyber attack earlier this monthIt follows a cyber attack earlier this month
It follows a cyber attack earlier this month

The amount of data which the group claims to hold is the equivalent of three million high quality photos. The data published do far, including patient information, has been confirmed as genuine.

At the time of the attack, the health board would only say a “significant quantity” of data had been put at risk.

In a statement posted to the health board’s website, its chief executive Jeff Ace said: “We absolutely deplore the release of confidential patient data as part of this criminal act.

“This information has been released by hackers to evidence that this is in their possession.

“We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government, and other agencies in response to this developing situation.”

Patients whose data has been leaked will be contacted by the board, he said, while patient-facing services will continue as normal, he added.

Mr Ace said: “NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.”

Hide Ad
Hide Ad

Scottish Liberal Democrat leader Alex Cole-Hamilton, said the latest reports were “extremely troubling”

"My thoughts are with the staff and patients at NHS Dumfries and Galloway who will be feeling shaken by the news.

“With so much of our lives now online, we need to be alert to the fresh opportunities that this creates for criminals.

“My party requested an urgent question on this matter in Parliament, but unfortunately this wasn’t granted. Ministers must explain what steps they are taking to prevent this attack from happening in other health boards, as well as ensuring that boards and public bodies can share advice, information and expertise.”

A Police Scotland spokeswoman said inquiries into the hacking were continuing.

A spokesman for the National Cyber Security Centre said: “We are working with law enforcement, NHS Scotland and the Scottish Government to fully understand the impact of an incident.”

A spokeswoman for the Scottish Government said: “We are aware of some data published on the web that is linked to the recent cyber attack on NHS Dumfries and Galloway.

“This incident remains contained to NHS Dumfries and Galloway and there have been no further incidents across NHS Scotland as a whole.

Hide Ad
Hide Ad

“The Scottish Government is working with the health board, Police Scotland and other agencies, including the National Crime Agency and National Cyber Security Centre, to assess the level of this breach and the possible implications for individuals concerned.

“The Scottish Government is continuing to provide support to NHS Dumfries and Galloway as they deal with this ongoing situation. This remains an ongoing police investigation.”